Scam of the day – August 28, 2017 – Chinese national arrested on hacking charges

Last week the FBI arrested Chinese national Yu Pingan in Los Angeles where he came to attend a technology conference.  Yu was charged with distributing and using malware including the rarely used Sakula malware program used in the massive data breach against the Office of Personnel Management (OPM) in 2014 and 2015 that resulted in huge amounts of personal information including Social Security numbers and fingerprints of more than 20 million present and former government employees being stolen.

It is interesting to note that while the Sakula malware is quite sophisticated, Yu’s arrest was to a great extent the result of his doing little to hide his name in communications regarding the use of the malware.  An indication of Yu’s hubris is that he felt confident enough in his anonymity to attend a conference in the United States, which ultimately led to his arrest.


This arrest signals the continuing efforts the FBI is putting into apprehending cybercriminals.  It also serves again as a warning to all of us to remember that despite our best efforts to protect our personal data, we are only as secure as the places that hold our personal data with the weakest security, which is why, whenever possible, you should limit the amount of personal information you provide institutions and companies with which you do business.


Scam of the day – July 16, 2016 – Google warning Gmail users about foreign hackers

State-sponsored hacking from countries such as China, North Korea and Russia poses a threat to everyone, but Google, which has for years been monitoring hacking attempts by foreign governments, is notifying Gmail customers when Google has reason to believe that their Gmail accounts are being targeted.  If Google finds that you have been targeted, you will receive the following message that takes up your entire screen, warning you of the danger and urging you to use the more secure dual factor authentication.  In its warning, Google indicates that less than 0.1% of all Gmail accounts are targeted; however, it is important to note that this percentage translates into more than a million people who are in jeopardy.

[Screenshot of the Google warning message]


As I have suggested many times, whenever you have the opportunity to use dual factor authentication, it is a wise choice to make because even if someone manages to steal your password or even trick you into providing it, as was the case with Jennifer Lawrence when she was convinced by a phishing email to provide her password to a cybercriminal who used it to access nude photos of her that she stored in the cloud, the hacker will not be able to access your email or other account because a special code provided to you through your cell phone is required whenever you wish to gain access to your account.

Finally, as I so often say, even paranoids have enemies so I urge you to err on the side of caution if you receive this type of notice and not necessarily trust it.  It could be a phishing communication from a cybercriminal luring you into clicking on a link which will either get you to provide personal information that can be used to make you a victim of identity theft or will download keystroke logging malware or ransomware.  The best course of action would be to merely go to Google directly from your browser without clicking on the link contained in the notification.  Here is a link you can trust that will take you to instructions for enabling dual factor authentication for Gmail

Scam of the day – August 14, 2015 – OPM data breach included fingerprint data

One of my mottoes regarding data breaches is that things are not as bad as you think — they are far worse, and that motto is unfortunately turning out to be quite accurate in regard to the recent data breach at the Office of Personnel Management (OPM) by Chinese hackers.  First, we were told that 2.2 million people were affected, but that number has risen to now more than 21.5 million people affected.  But as more becomes known about the data breach, it is not just the number of people affected that makes this data breach so serious, but the kind of data stolen that makes it even worse.  Among the data stolen were 1.1 million fingerprint records, the theft of which poses a serious threat as more and more biometrics, such as fingerprints, are used for security purposes on smartphones, computers and other devices.  Although it sounds like science fiction, it is actually science fact that the stolen data could be used to create copies of fingerprints on latex gloves that could be used to gain access to fingerprint protected devices.  The severity of the problem may be mitigated somewhat by older fingerprint records being ink images rather than the high resolution digital scans now used, but either way, the threat is real.


As I wrote in my USA Today column about the data breach at the OPM, hopefully this event will be our cyber 9/11 wakeup call to improve our national cybersecurity in government, private industry and our individual lives.  Here is a link to that column:

While all we can do as individuals is urge our elected officials and companies with which we do business to improve their data security, there is much we can do as individuals to protect our own cybersecurity on our computers, laptops, smartphones and other devices.  You can find lists of many steps you can take to make your cyberlife more secure in my book “Identity Theft Alert.”

Scam of the day – June 5, 2015 – Major data breach at the Office of Personnel Management

The Office of Personnel Management (OPM) is the federal agency that deals with federal security clearances and federal employee records and as such contains sensitive personal information of millions of Americans who work for or have worked in the past for the federal government.  Late Thursday, it was announced that hackers had managed to steal employee data on at least four million present and former federal employees.  Although the data breach was announced just yesterday, the breach was first found in April and appears to have originated more than a year ago.  This is the third major data breach in the last year of the federal government following successful hacks into the White House and State Department email systems and the Office of Personnel Management, which was hacked last summer, although at that time the files stolen totaled tens of thousands rather than millions.

Last year’s hacking into the OPM’s computers was thought to be the work of Chinese hackers who appeared to be looking for information on people with top security clearances who might be the targets of further identity theft or even extortion by the Chinese government looking for classified information it could use in commerce, foreign affairs or espionage.  Although it has initially been indicated by federal investigators that the latest OPM data breach was done by Chinese hackers, whether the goal is espionage or identity theft for profit is unclear at the present time.  The Social Security numbers and other personal identifying information targeted in this latest hacking would generally be used for identity theft purposes, but when coupled with other personal information could also be used for extortion of federal employees, some of whom are in sensitive positions, or even for finding out the profiles of people who get security clearance in the United States and using that information to tailor the appearance of spies to meet those profiles.


The OPM was already in the process of making necessary security changes to prevent this type of hacking by restricting remote access of its computer networks and limiting the Internet accessibility of some information; however, these and other security measures were not fully implemented in time to thwart this massive data breach.

The advice for present and former federal employees is the same as for any victim of a similar data breach.  Check your credit report for free through to see if damage has already been done.  Remember, in this data breach as with most data breaches, the damage has gone on for some time before it is discovered and made public.  Put a credit freeze on your credit report so that someone with your Social Security number will not be able to access your credit report to establish credit in your name.  You may also wish to change user names and passwords for your accounts and make sure that you use unique passwords for every account that you have.  Monitor your bank accounts, investment accounts and credit card accounts for fraudulent use.  You may wish to close accounts and open new ones for extra protection.  Remember, even paranoids have enemies.

Scam of the day – November 12, 2014 – Post office hacked

Earlier this week the United States Postal Service announced that it had been hacked, most likely by Chinese hackers, who stole personal information including names, birth dates, Social Security numbers, home addresses and other personal information on as many as 800,000 employees of the Postal Service.  Although generally this is the type of hacking that would lead to massive instances of identity theft, the Chinese, who usually limit their state sponsored hacking to corporate espionage of trade secrets of companies with which they compete, may have been looking for just additional data on Americans.  Earlier this year, the Chinese hacked into the records of the federal Office of Personnel Management which conducts security clearance checks and this hacking was thought to be more closely related to counterintelligence or even recruitment purposes.  However, in the Postal Service hacking it is purely speculative as to why the Chinese government did this hack.


Once again, we see that the federal government, just like private industry, is not doing enough to secure its data.  Just as in the breaches of Home Depot and Target, the data breach was accomplished by the planting of sophisticated malware by way of phishing emails to federal employees who were lured into clicking on links tainted with malware.  A recent federal study showed that 20% of hacking of federal computers was started through federal employees clicking on links in phishing emails against federal policy.

So what does this mean to you and me?  This is just another reminder that both government and the private sector have got to do a better job of protecting the data they store.  It also reminds us that we must remain eternally vigilant to identity theft threats and continue to monitor our financial accounts and credit reports regularly.

Below you can find a television interview I did yesterday about this on NewsMax TV.




Scam of the day – October 8, 2014 – Justice Department indicts members of international computer hacking gang

Recently the U.S. Department of Justice indicted four members of an international computer hacking gang on charges of hacking into the computer networks of Microsoft Corporation, Epic Games, Inc., Valve Corporation, Zombie Studios and the U.S. Army and stealing more than a hundred million dollars’ worth of trade secrets and intellectual property.  The hacking involved software and data related to the Xbox One console, Xbox Live online gaming system, games such as “Call of Duty: Modern Warfare 3” as well as software used to train military helicopter pilots for the U.S. Army.  Those indicted included three Americans, Nathan Leroux, Sandadoleh Nesheiwat and eighteen-year-old Austin Alcala.  Also indicted was David Pokora, a Canadian.  Additionally, an Australian citizen has been charged under Australian law in regard to the same criminal enterprise.  Two of the defendants have already pleaded guilty, including David Pokora, who thus becomes the first foreigner convicted of stealing trade secrets.


Hacking into companies in order to obtain trade secrets has become commonplace.  According to a government report, more than 3,000 companies have been hacked by Chinese hackers.  FBI Director James Comey said recently on the television show 60 Minutes that there are two types of companies in the United States, those that have been hacked by the Chinese and those that just don’t realize that they have been hacked by the Chinese.  The government and business have both got to do a better job of protecting the security of data.  Legislation, regulation and training have got to be improved to meet a threat from government sponsored hacking as well as hacking by private criminals.

Scam of the day – September 18, 2014 – FBI says every sector of government has been hacked

Testifying before Congress recently, Robert Anderson, the executive assistant director of the FBI’s Criminal, Cyber Response and Services branch, said that every sector of the federal government has been hacked and those agencies that believe they have not been hacked have merely not yet discovered that they have been hacked.  The hacking and data stealing from government agencies and private companies, as exemplified by the Target data breach of last year, present a major threat to the United States.  The hacking is done, Anderson testified, by four unrelated groups whom he described as “spies, transnational organized criminals, terrorists and hacktivist groups.”  Corporate espionage by which companies both domestic and foreign steal business secrets is a major problem as well.  An example of this is found in the recent indictments of Chinese hackers for stealing American companies’ business secrets.  Anderson further testified that “The bottom line is, we’re losing a lot of data, money and innovation.”  That is the bad news.


The good news is that the government is making a concerted effort to combat this threat.  Anderson told Congress that the government is “engaging in an unprecedented level of collaboration” with businesses and international law organizations to fight this threat.  In July the Senate Intelligence Committee voted 12-3 to approve the “Cybersecurity Information Sharing Act” which would permit the government, technology and manufacturing companies to better share information in an effort to protect both companies and the government from cyberattacks.  Some privacy advocates have been critical of the proposal, but with proper safeguards, this bill should be passed to enhance the ability to fight hackers.

Scam of the day – August 21, 2014 – Community Health Systems data breach update

A couple of days ago I told you about the massive data breach at Community Health Systems, a hospital chain with hospitals in 29 states.  This data breach, which was done by Chinese hackers, resulted in personal data on 4.5 million patients of Community Health Systems being stolen.  The data included names, addresses, birth dates and Social Security numbers, which puts the affected individuals in serious jeopardy of identity theft.  Community Health Systems is in the process of notifying the affected individuals and offering credit monitoring services.  Now, however, TrustedSec LLC, a security company, is indicating that the hacking of Community Health Systems was accomplished by the first known exploitation of the Heartbleed security flaw.  Heartbleed is the name of the security flaw, discovered last April, in the OpenSSL encryption security technology that is used by up to 2/3 of websites on the Internet.  Although the Heartbleed flaw was promptly patched, there was a period during which the users of this technology were left vulnerable, and it appears that it was during this period that the Chinese hackers managed to steal data from Community Health Systems.  It is not unusual for hackings and data breaches to remain undiscovered for significant periods of time.  This data breach may be the first major data breach connected to Community Health Systems, but it is most likely not going to be the last.


It has been said that the price of liberty is eternal vigilance and that is also important in maintaining your own personal security.  People who did not change their passwords following the Heartbleed security flaw first being uncovered should take this as a wake up call to do so now.  You should also consider putting a credit freeze on your credit report.  You can find instructions as to how to do this in the “credit freeze” link on the right hand side of this page.  This will protect your credit from being accessed by someone who may otherwise have enough personal information of yours to access your credit report in an effort to use your credit.  Finally, you should monitor all of your financial accounts regularly for indications of fraudulent use.  Remember, you are only as safe as the places that hold your personal information and some of them have poor security.

Scam of the day – July 14, 2014 – Chinese hackers steal information from Federal Office of Personnel Management

Hacking of American companies by Chinese hackers is not particularly startling as it is going on all of the time; however, the federal government is now admitting that back in March Chinese hackers were able to hack into the databases of the Office of Personnel Management and gain access to personal information on thousands of government workers.  What is particularly troublesome is that the Office of Personnel Management manages a program called e-QIP where federal employees who are seeking security clearances must provide much personal information including personal financial data.  It is not known what the purpose of the hacking was or whether it was government sanctioned.  What is known is that, just as the hacking into the computers of the United States Department of Energy last week showed, government databases are just as vulnerable as those of private companies.


So what does this mean to you?

First and foremost if you are someone whose information was maintained by the Office of Personnel Management you should be on heightened alert for identity theft.  You should check your credit report with each of the three major credit reporting agencies, Equifax, TransUnion and Experian.  You also would be wise to put a credit freeze on your credit reports at each of the three major credit bureaus to prevent someone with personal information about you from gaining access to your credit report and utilizing your credit.  You can find a detailed explanation of credit freezes along with instructions for getting one in the right hand column of the first page of Scamicide.  As for the rest of us, this is yet another lesson that you are only as safe from identity theft as the places with the weakest security that hold personal information about you.  Whenever possible limit the amount of personal information held by companies and governmental agencies with which you do business.  Also, do not leave your credit card number on file with any retailer with which you do business regularly.  It may be convenient to do so, but it increases your risk of identity theft if the company is hacked and your data is compromised.

Scam of the day – May 28, 2014 – FBI to take action against Russian hackers

It has been a little more than a week since I first told you about the Justice Department’s legal actions against five Chinese military personnel on charges of hacking into six American companies in order to steal corporate secrets.  Although we have known that this form of international corporate espionage has been done by Chinese hackers for years, it was not until now that the government took official action.  However, China is certainly not alone in this type of offense.  In particular, Russian hackers have been doing the same types of cybercrimes for the same reasons.  It has been estimated by the cybersecurity company CrowdStrike earlier this year that the Russian government has been involved in the same type of corporate espionage through hacking of literally hundreds of companies not just in the United States, but also in Europe and Asia.  I predict that it will not be long before indictments similar to those that have been brought already against Chinese hackers will be brought against Russian perpetrators.


Companies throughout the world must recognize that they must do a better job at protecting the security of their data.  It is also important to note that regardless of how sophisticated the malware programs used by hackers are, whether for state-sponsored corporate espionage or by individual criminals to gather personal information for identity theft purposes, these malware programs are worthless unless they are able to be installed into the computers of corporations.  The way this is done is still predominantly by way of phishing emails whereby employees of companies are tricked into clicking on links in emails that download the malware into their companies’ computers.  Until companies do a better job of establishing protocols and security systems related to clicking on links and downloading attachments, we will all be vulnerable.